package com.cqs.example.io.attack;

import java.io.FileInputStream;
import java.io.ObjectInputStream;

public class DeSerImp {
    public static void main(String args[]) throws Exception{
        // 以下就是反序列化操作
        // 打开object.ser文件
        FileInputStream fis = new FileInputStream("object.ser");
        ObjectInputStream ois = new ObjectInputStream(fis);
        // 使用从object.ser文件中读取对象
        try {
            SerObj deSerObj = (SerObj) ois.readObject();
            System.out.println(deSerObj.name);
        }catch (Throwable throwable){
            throwable.printStackTrace();
            return;
        }
        ois.close();
        fis.close();
    }
}